CVE-2008-4064
CVE-2008-4064
Multiple unspecified vulnerabilities in Mozilla Firefox 3.x before 3.0.2 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to graphics rendering and (1) handling of a long alert messagebox in the cairo_surface_set_device_offset function, (2) integer overflows when handling animated PNG data in the info_callback function in nsPNGDecoder.cpp, and (3) an integer overflow when handling SVG data in the nsSVGFEGaussianBlurElement::SetupPredivide function in nsSVGFilters.cpp.
Produtos afetados
n/a · n/aQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00005.htmlhttps://bugzilla.mozilla.org/show_bug.cgi?id=441368https://bugzilla.mozilla.org/show_bug.cgi?id=441995https://bugzilla.mozilla.org/show_bug.cgi?id=443693http://secunia.com/advisories/31987http://secunia.com/advisories/32011http://secunia.com/advisories/32012http://secunia.com/advisories/32025http://secunia.com/advisories/32044http://secunia.com/advisories/32082http://secunia.com/advisories/32089http://secunia.com/advisories/32095